Last week malware peddlers have managed to compromise the DNS records of Go Daddy hosted websites so that they would redirect victims to malicious sites hosting the Cool exploit kit and ultimately leading to ransomware.

At the time, it was unknown whether the DNS record hijacking was due to a security hole or stolen login credentials, but Scott Gerlach, Go Daddy’s Director of Information Security Operations, has reassured the company's customers by stating yesterday that it was due to phishing.

"Go Daddy has detected a very small number of accounts have malicious DNS entries placed on their domain names. We have been identifying affected customers and reversing the malicious entries as we find them. Also, we’re expiring the passwords of affected customers so the threat actors cannot continue to use the accounts to spread malware," he shared with TNW.

"We suspect that the affected customers have been phished or their home machines have been affected by Cool Exploit as we have confirmed that this is not a vulnerability in the My Account or DNS management systems."

He advised customers located in the US and Canada to enable two-step authentication to help protect their accounts and prevent this from happening to them. The rest of the customers will have to wait for the option to be made available.

In the meantime, all customers would do well to consider changing their passwords to a stronger one that they haven't used for any other service.

Spotlight

(IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics. Learn about personal data bankruptcy and the cost of privacy, security and compliance, delivering digital security to a mobile world, and much more.

As ISPs, hosting providers and online enterprises around the world continue suffering the effects of DDoS attacks, often the discussions that follow are, “What is the best way to defend our networks and our customers against an attack?”

The code redirects visitors to another URL where the Fiesta exploit kit is hosted, which then tries to detect and exploit several vulnerabilities in various software. If it succeeds, the visitors are saddled with a banking Trojan.

Looking for an Android-based tablet for your child but don't know which one to choose? If you are concerned about the device's protection against random hackers, Bluebox Security has just released a review of the nine most popular Android tablet models aimed specifically at children.